In previous articles by The National CIO Review, we covered Okta’s latest breach. As more information has slowly been released to the public, the breach appears to be more far-reaching than initially reported.
So what is the cloud company’s update now? And is the public getting the whole story this time?
In October of this year, Okta disclosed that its customer support system was infiltrated. They shared that, fortunately, less than 1% of clients were impacted. Attackers used stolen login credentials to access an Okta support account, enabling them to pilfer cookies and session tokens used by customer support providers for troubleshooting. However, companies like 1Password, BeyondTrust, and Cloudflare detected and blocked these intrusions before customers were affected.
In early November, Okta released more information to the public regarding the breach and shared that it originated from the compromise of an Okta employee, who inadvertently logged into the service account while using their personal Google profile in Chrome on an Okta-managed laptop. This lapse in security allowed the attacker to gain access to the service account credentials, although the precise method remains unclear.
The New Scoop
While Okta previously believed that only around 200 clients were affected by the breach, new reports reveal that all of the firm’s customer support users were impacted. Okta shared a letter with its clients disclosing the news and said that, as of now, there is no direct evidence of the hackers using the extracted data to target customers. As the company uncovers more information with a digital forensics team, it will update its customers.
The broader breach leaves clients more exposed to cyberattacks or phishing scams. On the bright side, Okta’s customers with the Department of Defense claim to be unaffected by the incident. However, customers remain on guard, worried about what malicious actors could do with the compromised access and the data obtained.
Since the original disclosure of this hack, the company has lost over $2 billion in market capitalization. Because of the business Okta is in, it is an easy, high-profile target. In addition, its failure to disclose the breach originally has alarmed customers, security experts, industry observers, and the public.